2
// CryptoConvert.cs - Crypto Convertion Routines
5
// Sebastien Pouliot <sebastien@ximian.com>
7
// (C) 2003 Motus Technologies Inc. (http://www.motus.com)
8
// Copyright (C) 2004-2006 Novell Inc. (http://www.novell.com)
10
// Permission is hereby granted, free of charge, to any person obtaining
11
// a copy of this software and associated documentation files (the
12
// "Software"), to deal in the Software without restriction, including
13
// without limitation the rights to use, copy, modify, merge, publish,
14
// distribute, sublicense, and/or sell copies of the Software, and to
15
// permit persons to whom the Software is furnished to do so, subject to
16
// the following conditions:
18
// The above copyright notice and this permission notice shall be
19
// included in all copies or substantial portions of the Software.
21
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
22
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
23
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
24
// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
25
// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
26
// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
27
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
31
using System.Security.Cryptography;
33
#if !(SILVERLIGHT || READ_ONLY)
35
namespace Mono.Security.Cryptography {
37
static class CryptoConvert {
39
static private int ToInt32LE (byte [] bytes, int offset)
41
return (bytes [offset+3] << 24) | (bytes [offset+2] << 16) | (bytes [offset+1] << 8) | bytes [offset];
44
static private uint ToUInt32LE (byte [] bytes, int offset)
46
return (uint)((bytes [offset+3] << 24) | (bytes [offset+2] << 16) | (bytes [offset+1] << 8) | bytes [offset]);
49
static private byte[] Trim (byte[] array)
51
for (int i=0; i < array.Length; i++) {
52
if (array [i] != 0x00) {
53
byte[] result = new byte [array.Length - i];
54
Buffer.BlockCopy (array, i, result, 0, result.Length);
61
static RSA FromCapiPrivateKeyBlob (byte[] blob, int offset)
63
RSAParameters rsap = new RSAParameters ();
65
if ((blob [offset] != 0x07) || // PRIVATEKEYBLOB (0x07)
66
(blob [offset+1] != 0x02) || // Version (0x02)
67
(blob [offset+2] != 0x00) || // Reserved (word)
68
(blob [offset+3] != 0x00) ||
69
(ToUInt32LE (blob, offset+8) != 0x32415352)) // DWORD magic = RSA2
70
throw new CryptographicException ("Invalid blob header");
72
// ALGID (CALG_RSA_SIGN, CALG_RSA_KEYX, ...)
73
// int algId = ToInt32LE (blob, offset+4);
76
int bitLen = ToInt32LE (blob, offset+12);
78
// DWORD public exponent
79
byte[] exp = new byte [4];
80
Buffer.BlockCopy (blob, offset+16, exp, 0, 4);
82
rsap.Exponent = Trim (exp);
85
// BYTE modulus[rsapubkey.bitlen/8];
86
int byteLen = (bitLen >> 3);
87
rsap.Modulus = new byte [byteLen];
88
Buffer.BlockCopy (blob, pos, rsap.Modulus, 0, byteLen);
89
Array.Reverse (rsap.Modulus);
92
// BYTE prime1[rsapubkey.bitlen/16];
93
int byteHalfLen = (byteLen >> 1);
94
rsap.P = new byte [byteHalfLen];
95
Buffer.BlockCopy (blob, pos, rsap.P, 0, byteHalfLen);
96
Array.Reverse (rsap.P);
99
// BYTE prime2[rsapubkey.bitlen/16];
100
rsap.Q = new byte [byteHalfLen];
101
Buffer.BlockCopy (blob, pos, rsap.Q, 0, byteHalfLen);
102
Array.Reverse (rsap.Q);
105
// BYTE exponent1[rsapubkey.bitlen/16];
106
rsap.DP = new byte [byteHalfLen];
107
Buffer.BlockCopy (blob, pos, rsap.DP, 0, byteHalfLen);
108
Array.Reverse (rsap.DP);
111
// BYTE exponent2[rsapubkey.bitlen/16];
112
rsap.DQ = new byte [byteHalfLen];
113
Buffer.BlockCopy (blob, pos, rsap.DQ, 0, byteHalfLen);
114
Array.Reverse (rsap.DQ);
117
// BYTE coefficient[rsapubkey.bitlen/16];
118
rsap.InverseQ = new byte [byteHalfLen];
119
Buffer.BlockCopy (blob, pos, rsap.InverseQ, 0, byteHalfLen);
120
Array.Reverse (rsap.InverseQ);
123
// ok, this is hackish but CryptoAPI support it so...
124
// note: only works because CRT is used by default
125
// http://bugzilla.ximian.com/show_bug.cgi?id=57941
126
rsap.D = new byte [byteLen]; // must be allocated
127
if (pos + byteLen + offset <= blob.Length) {
128
// BYTE privateExponent[rsapubkey.bitlen/8];
129
Buffer.BlockCopy (blob, pos, rsap.D, 0, byteLen);
130
Array.Reverse (rsap.D);
133
catch (Exception e) {
134
throw new CryptographicException ("Invalid blob.", e);
140
rsa.ImportParameters (rsap);
142
catch (CryptographicException ce) {
143
// this may cause problem when this code is run under
144
// the SYSTEM identity on Windows (e.g. ASP.NET). See
145
// http://bugzilla.ximian.com/show_bug.cgi?id=77559
147
CspParameters csp = new CspParameters ();
148
csp.Flags = CspProviderFlags.UseMachineKeyStore;
149
rsa = new RSACryptoServiceProvider (csp);
150
rsa.ImportParameters (rsap);
153
// rethrow original, not the later, exception if this fails
160
static RSA FromCapiPublicKeyBlob (byte[] blob, int offset)
163
if ((blob [offset] != 0x06) || // PUBLICKEYBLOB (0x06)
164
(blob [offset+1] != 0x02) || // Version (0x02)
165
(blob [offset+2] != 0x00) || // Reserved (word)
166
(blob [offset+3] != 0x00) ||
167
(ToUInt32LE (blob, offset+8) != 0x31415352)) // DWORD magic = RSA1
168
throw new CryptographicException ("Invalid blob header");
170
// ALGID (CALG_RSA_SIGN, CALG_RSA_KEYX, ...)
171
// int algId = ToInt32LE (blob, offset+4);
174
int bitLen = ToInt32LE (blob, offset+12);
176
// DWORD public exponent
177
RSAParameters rsap = new RSAParameters ();
178
rsap.Exponent = new byte [3];
179
rsap.Exponent [0] = blob [offset+18];
180
rsap.Exponent [1] = blob [offset+17];
181
rsap.Exponent [2] = blob [offset+16];
184
// BYTE modulus[rsapubkey.bitlen/8];
185
int byteLen = (bitLen >> 3);
186
rsap.Modulus = new byte [byteLen];
187
Buffer.BlockCopy (blob, pos, rsap.Modulus, 0, byteLen);
188
Array.Reverse (rsap.Modulus);
193
rsa.ImportParameters (rsap);
195
catch (CryptographicException) {
196
// this may cause problem when this code is run under
197
// the SYSTEM identity on Windows (e.g. ASP.NET). See
198
// http://bugzilla.ximian.com/show_bug.cgi?id=77559
199
CspParameters csp = new CspParameters ();
200
csp.Flags = CspProviderFlags.UseMachineKeyStore;
201
rsa = new RSACryptoServiceProvider (csp);
202
rsa.ImportParameters (rsap);
206
catch (Exception e) {
207
throw new CryptographicException ("Invalid blob.", e);
213
static public RSA FromCapiKeyBlob (byte[] blob)
215
return FromCapiKeyBlob (blob, 0);
218
static public RSA FromCapiKeyBlob (byte[] blob, int offset)
221
throw new ArgumentNullException ("blob");
222
if (offset >= blob.Length)
223
throw new ArgumentException ("blob is too small.");
225
switch (blob [offset]) {
227
// this could be a public key inside an header
228
// like "sn -e" would produce
229
if (blob [offset + 12] == 0x06) {
230
return FromCapiPublicKeyBlob (blob, offset + 12);
234
return FromCapiPublicKeyBlob (blob, offset);
236
return FromCapiPrivateKeyBlob (blob, offset);
238
throw new CryptographicException ("Unknown blob format.");